<?php
include "func.php";
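// Every request is routed by ?m=<mode>;<arg>;<arg>, e.g. "new;<forum id>;submit",
// "edit;<topic id>" or "view;<topic id>". The value is client-controlled, so a missing
// or array-valued parameter is normalised to an empty mode, which matches none of the
// branches below, instead of raising a warning or TypeError inside explode().
$m = explode(";", (isset($_GET['m']) && is_string($_GET['m'])) ? $_GET['m'] : "");
$mode = $m[0];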
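if($mode == "new")
{
    // Create-topic dialog (m=new;<forum id>[;submit]): renders the form and, on submit,
    // stores the new topic.
    //
    // NOTE(review): the caller is identified only by the client-supplied ramble_id cookie.
    // Unless func.php validates that cookie against server-side state, the user id stored
    // with the topic is whatever the client sends - confirm.
    // NOTE(review): nothing here checks that the forum id exists or that the user may post
    // in it; presumably enforced elsewhere - confirm.
    $uid = isset($_COOKIE['ramble_id']) ? $_COOKIE['ramble_id'] : null;
    if(!$uid) exit("Please log in.");
    $fid = isset($m[1]) ? $m[1] : null;
    // Defaults so the form below renders without undefined-variable notices on first load.
    $title = $desc = $body = "";
    if(isset($m[2]) && $m[2] == "submit")
    {
        $sid = (isset($_GET['PHPSESSID']) && is_string($_GET['PHPSESSID'])) ? $_GET['PHPSESSID'] : "";
        $cookieSid = (isset($_COOKIE['PHPSESSID']) && is_string($_COOKIE['PHPSESSID'])) ? $_COOKIE['PHPSESSID'] : "";
        // Strict comparison: loose != treats numeric-looking strings such as "0e1" and "0e2" as equal.
        if($sid === "" || $cookieSid !== $sid) exit;
        session_id($sid);
        session_start();
        // NOTE(review): both operands of this check are stored in the session, so the request
        // only proves that it carries the session id in its URL. That id then appears in access
        // logs, browser history and Referer headers. A random per-form token submitted as a
        // hidden field would give the same CSRF protection without exposing the session id;
        // it needs a matching change in every form and handler that uses this scheme.
        if(!isset($_SESSION['NaCl'], $_SESSION['NaCN']) || $_SESSION['NaCN'] !== md5($_SESSION['NaCl'] . $sid)) exit;
        // strip_tags() keeps every attribute of the tags listed in $atags (defined outside this
        // file), so event-handler and javascript: attributes on an allowed tag are stored as-is.
        // NOTE(review): confirm the rendering path sanitises attributes before output.
        $title = strip_tags((isset($_POST["title"]) && is_string($_POST["title"])) ? $_POST["title"] : "",$atags);
        $desc = strip_tags((isset($_POST["desc"]) && is_string($_POST["desc"])) ? $_POST["desc"] : "",$atags);
        $body = strip_tags((isset($_POST["body"]) && is_string($_POST["body"])) ? $_POST["body"] : "",$atags);
        $err = array();
        if(!$title) $err[] = "Please enter a title.";
        if(!$body) $err[] = "Please enter a body.";
        if(!$err)
        {
            $date = time();
            // NOTE(review): the id is obtained before the INSERT and is not part of it; presumably
            // inc() predicts the next topic id - verify it cannot drift under concurrent posts.
            $tid = $api->inc("topics");
            $params = array($title,$desc,$body,$date,$uid,$fid);
            $sql = 'INSERT INTO '. $config['mysql']['prefix'] .'topics (`topic_title`,`topic_desc`,`topic_body`,`topic_date`,`user_id`,`forum_id`) VALUES (?,?,?,?,?,?)';
            if($api->q($sql,$params) !== false)
            {
?>
<script type="text/javascript">
$("#dialog").dialog("close");
$("#content").lp('topic/view/<?=(int)$tid?>');
</script>
<?php
            }
            else echo "There was an error. Please try again.";
        }
        else echo implode("<br>",$err);
    }
    // Issue a fresh nonce for the form rendered below. The submit path above has already
    // started the session; calling session_id()/session_start() again would only raise warnings.
    if(session_id() === "")
    {
        // NOTE(review): adopting a client-supplied session id enables session fixation unless
        // session.use_strict_mode is on. Setting the id explicitly appears intended to keep SID
        // populated for the form action - confirm before changing.
        if(!empty($_COOKIE['PHPSESSID']) && is_string($_COOKIE['PHPSESSID'])) session_id($_COOKIE['PHPSESSID']);
        session_start();
    }
    // shaker() is defined outside this file. NOTE(review): confirm it draws from a CSPRNG.
    $_SESSION['NaCl'] = shaker(32);
    // Bind the nonce to the id of the session actually in use; the cookie is absent on a first visit.
    $_SESSION['NaCN'] = md5($_SESSION['NaCl'] . session_id());
    // Everything echoed into the form below is request data, so it is escaped for its context:
    // rawurlencode() for the URL segment, htmlspecialchars() for attribute and textarea content.
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
    <title>Ramble Forums: New Topic</title>
    <meta http-equiv="content-type" content="text/html;charset=utf-8" />
</head>
<body>
<form id="topic" action="topic.php?m=new;<?=rawurlencode((string)$fid)?>;submit&amp;<?=htmlspecialchars(SID, ENT_QUOTES, 'UTF-8')?>" method="post">
    <table>
        <tr>
            <th>Title</th>
            <td colspan="2"><input type="text" name="title" value="<?=htmlspecialchars($title, ENT_QUOTES, 'UTF-8')?>" /></td>
        </tr>
        <tr>
            <th>Description</th>
            <td colspan="2"><input type="text" name="desc" value="<?=htmlspecialchars($desc, ENT_QUOTES, 'UTF-8')?>" /></td>
        </tr>
        <tr>
            <th>Body</th>
            <td colspan="2"><textarea id="body" name="body" rows="4" cols="40"><?=htmlspecialchars($body, ENT_QUOTES, 'UTF-8')?></textarea></td>
        </tr>
    </table>
</form>
<div id="preview"></div>
</body>
</html>
<?php
}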
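elseif($mode == "edit")
{
    // Inline topic edit (m=edit;<topic id>): replaces the topic body and echoes the value
    // returned by $api->get('topic','body',...) for the ajax target.
    //
    // NOTE(review): the caller is identified only by the client-supplied ramble_id cookie;
    // the ownership check below is only as strong as whatever func.php does to validate
    // that cookie - confirm.
    $uid = isset($_COOKIE['ramble_id']) ? $_COOKIE['ramble_id'] : null;
    // The id used to be concatenated into the UPDATE statement straight from the query
    // string. Only decimal ids are accepted, and the statement below binds it as a parameter.
    if(!isset($m[1]) || !ctype_digit($m[1])) exit;
    $tid = (string)(int)$m[1];
    $sid = (isset($_GET['PHPSESSID']) && is_string($_GET['PHPSESSID'])) ? $_GET['PHPSESSID'] : "";
    $cookieSid = (isset($_COOKIE['PHPSESSID']) && is_string($_COOKIE['PHPSESSID'])) ? $_COOKIE['PHPSESSID'] : "";
    // Strict comparison: loose != treats numeric-looking strings such as "0e1" and "0e2" as equal.
    if($sid === "" || $cookieSid !== $sid) exit;
    session_id($sid);
    session_start();
    // NOTE(review): both operands of this check are stored in the session, so the request only
    // proves that it carries the session id in its URL, where it leaks into logs and Referer
    // headers. A per-form token sent as a hidden field would avoid that.
    if(!isset($_SESSION['NaCl'], $_SESSION['NaCN']) || $_SESSION['NaCN'] !== md5($_SESSION['NaCl'] . $sid)) exit;
    // Authorisation: apply the rule the view branch uses to decide who sees the [E] link
    // (topic author, or rank() >= 2). Without it, any session holder could overwrite any topic.
    $topic = $api->query("topic",array("tid"=>$tid,"page"=>1,"pp"=>1,"order"=>"asc"));
    if(!$topic) exit;
    $owner = $topic['user'];
    if(!$uid || ((string)$owner['id'] !== (string)$uid && rank() < 2)) exit;
    // strip_tags() keeps the attributes of tags allowed by $atags (defined outside this file).
    // NOTE(review): confirm attributes are sanitised before the body is rendered.
    $body = strip_tags((isset($_POST['body']) && is_string($_POST['body'])) ? $_POST['body'] : "",$atags);
    // Parameters are passed as an array, as in the INSERT of the "new" branch.
    $api->q('UPDATE '. $config['mysql']['prefix'] .'topics SET `topic_body`=? WHERE topic_id=?',array($body,$tid));
    echo $api->get('topic','body',$tid);
    exit;
}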
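elseif($mode == "view")
{
    // Topic page (m=view;<topic id>, optional ?page= and ?pp=): bumps the view counter and
    // renders the topic, its posts, the reply form and the pager.
    //
    // The topic id is echoed into HTML attributes, inline JavaScript and SQL below, so it is
    // restricted to a canonical decimal string before any use.
    if(!isset($m[1]) || !$m[1] || !ctype_digit($m[1]))
    {
        echo "Please select a topic.";
        exit;
    }
    $tid = (string)(int)$m[1];
    // Paging values are reflected into the pager form; integers cannot carry markup.
    // NOTE(review): pp has no upper bound, so one request can ask for an arbitrarily large page.
    $p = (isset($_GET['page']) && is_scalar($_GET['page'])) ? (int)$_GET['page'] : 0;
    $p2 = (isset($_GET['pp']) && is_scalar($_GET['pp'])) ? (int)$_GET['pp'] : 0;
    $page = ($p > 0) ? $p : 1;
    $pp = ($p2 > 0) ? $p2 : 15;
    $topic = $api->query("topic",array("tid"=>$tid,"page"=>$page,"pp"=>$pp,"order"=>"asc"));
    if(!$topic)
    {
        echo "That topic doesn't exist.";
        exit;
    }
    # Add a page view (values are bound, not concatenated into the statement)
    $sql = 'UPDATE '. $config['mysql']['prefix'] .'topics SET `topic_views` = ? WHERE topic_id=?';
    $api->q($sql,array((int)$topic['views'] + 1,$tid));
    $fname = $topic['fname'];
    $user = $topic['user'];
    $topics = count($user['topics']);
    if(session_id() === "")
    {
        // NOTE(review): adopting a client-supplied session id enables session fixation unless
        // session.use_strict_mode is on. Setting the id explicitly appears intended to keep SID
        // populated for the form actions - confirm before changing.
        if(!empty($_COOKIE['PHPSESSID']) && is_string($_COOKIE['PHPSESSID'])) session_id($_COOKIE['PHPSESSID']);
        session_start();
    }
    // shaker() is defined outside this file. NOTE(review): confirm it draws from a CSPRNG.
    $_SESSION['NaCl'] = shaker(32);
    // Bind the nonce to the id of the session actually in use; the cookie is absent on a first visit.
    $_SESSION['NaOH'] = $_SESSION['NaCN'] = md5($_SESSION['NaCl'] . session_id());
    // NOTE(review): ramble_id is a client-supplied cookie; these flags only decide whether the
    // [E] link is shown, the edit handlers must enforce the same rule themselves.
    $viewer = isset($_COOKIE['ramble_id']) ? $_COOKIE['ramble_id'] : null;
    // Always initialised, and an anonymous visitor no longer matches a user whose id is 0 or empty.
    $tedit = (($viewer && $user["id"] == $viewer) || rank() >= 2);
    // NOTE(review): titles, names, user titles, signatures, avatar file names, bodies and the
    // raw bodies placed in the textareas are emitted exactly as the API returns them. They
    // originate from user input filtered only by strip_tags(), so unless the API encodes them
    // this is a stored-XSS surface - confirm, and escape per context where it does not.
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
    <title>Ramble Forums: Viewing Topic '<?=$topic['title']?>'</title>
    <meta http-equiv="content-type" content="text/html;charset=utf-8" />
</head>
<body>
<div id="fnav">
<a href="forum/list">Forums</a> > <a href="forum/view/<?=$topic['fid']?>"><?=$fname?></a> > <a href="topic/view/<?=$tid?>"><?=$topic['title']?></a>
</div>
<div class="topic">
    <div class="cont" id="t<?=$tid?>">
        <div class="userbar">
            <h1><a href="user.php?m=view;<?=$user["id"]?>&amp;height=350&amp;width=450" class="dialog"><?=$user['name']?></a></h1>
            <h3><?=$user["title"]?></h3>
            <div class="avatar"><?php if($ava = $user['avatar']) echo "\n\t\t\t\t<img src=\"uploads/avatars/$ava\" />\n\t\t\t"; ?></div>
            <table class="contact">
                <tr>
                    <?=contacts($user['contact'],"t$tid")?>
                </tr>
            </table>
            <span class="contact_hidden" id="ct<?=$tid?>"></span>
            <span>Topics: <?=$topics?></span><br />
            <span>Posts: <?=$user['posts']?></span>
        </div>
        <table class="body_cont">
            <tr class="info">
                <th><?=$topic['title']?></th>
                <?php if($tedit){ ?>
                <th><?=date("F j, Y g:i:s A",$topic["date"]);?></th>
                <th><a onclick="edit(<?=$tid?>,'t');">[E]</a></th>
                <?php }else{ ?>
                <th colspan="2"><?=date("F j, Y g:i:s A",$topic["date"]);?></th>
                <?php } ?>
            </tr>
            <tr>
                <td colspan="3" class="body">
                    <div class="tbody"><?=$topic['body']?></div>
                    <div class="traw">
                        <form action="topic.php?m=edit;<?=$tid?>&amp;<?=htmlspecialchars(SID, ENT_QUOTES, 'UTF-8')?>" method="post" onsubmit="$('.traw form').ajaxSubmit({beforeSubmit: function(){$('#t<?=$tid?> .subs').html(loadstr);}, success: function(){edit(<?=$tid?>,'t',1);}, target: '#t<?=$tid?> .tbody'}); return false;">
                            <div><textarea rows="5" name="body" cols="20"><?=$topic['raw']?></textarea></div>
                        </form>
                    </div>
                </td>
            </tr>
            <?php if($user['signature']){ ?>
            <tr>
                <td colspan="3" class="sig"><?=$user['signature']?></td>
            </tr>
            <?php } ?>
        </table>
    </div>
    <?php
    if($topic['posts'])
    {
    ?>
    <div id="posts">
    <?php
        foreach($topic['posts'] as $post)
        {
            $user = $post['user'];
            $topics = count($user['topics']);
            $pedit = (($viewer && $user['id'] == $viewer) || rank() >= 2);
            $pid = $post['id'];
    ?>
        <div class="cont" id="p<?=$pid?>">
            <div class="userbar">
                <h1><a href="user.php?m=view;<?=$user["id"]?>&amp;height=350&amp;width=450" class="dialog"><?=$user['name']?></a></h1><?php if($user["title"]){ ?>
                <h3><?=$user["title"]?></h3>
                <?php } ?>
                <div class="avatar">
                    <?php if($ava = $user['avatar']) echo "<img src=\"uploads/avatars/$ava\" />"; ?>
                </div>
                <table class="contact">
                    <tr>
                        <?=contacts($user['contact'],"p$pid")?>
                    </tr>
                </table>
                <span class="contact_hidden" id="cp<?=$pid?>"></span>
                <span>Topics: <?=$topics?></span><br />
                <span>Posts: <?=$user['posts']?></span>
            </div>
            <table class="body_cont">
                <tr class="info">
                    <th><?=$post['title']?></th>
                    <?php if($pedit){ ?>
                    <th><?=date("F j, Y g:i:s A",$post['date']);?></th>
                    <th><a onclick="edit(<?=$pid?>,'p');">[E]</a></th>
                    <?php }else{ ?>
                    <th colspan="2"><?=date("F j, Y g:i:s A",$post['date']);?></th>
                    <?php } ?>
                </tr>
                <tr>
                    <td colspan="3" class="body">
                        <div class="pbody"><?=$post['body']?></div>
                        <div class="praw">
                            <form action="post.php?m=edit;<?=$pid?>&amp;<?=htmlspecialchars(SID, ENT_QUOTES, 'UTF-8')?>" method="post" onsubmit="$(this).ajaxSubmit({beforeSubmit: function(){$('#p<?=$pid?> .subs').html(loadstr);}, target: '#p<?=$pid?> .pbody', success: function(){edit(<?=$pid?>,'p',1);}}); return false;">
                                <div><textarea rows="5" name="body" cols="20"><?=$post['raw']?></textarea></div>
                            </form>
                        </div>
                    </td>
                </tr>
                <?php if($user['signature']){ ?>
                <tr>
                    <td colspan="3" class="sig"><?=$user['signature']?></td>
                </tr>
                <?php } ?>
            </table>
        </div>
    <?php
        }
    ?>
    </div>
    <?php } ?>
    <?php if($viewer){ ?>
    <div id="reply">
        <form action="post.php?m=new;<?=$tid?>&amp;<?=htmlspecialchars(SID, ENT_QUOTES, 'UTF-8')?>" id="replyf" onsubmit="$('#replyf').ajaxSubmit({ success: function(d) { checkreply(d,<?=$tid?>); } }); return false;" method="post">
            <table>
                <tr>
                    <td><textarea name="body" rows="4" cols="20"></textarea></td>
                </tr>
                <tr>
                    <td><input type="submit" class="button" value="Post Reply" /></td>
                </tr>
            </table>
        </form>
        <div id="replyres"></div>
    </div>
    <?php } ?>
    <div id="tpages">
        <?php
        $pages = $topic['pages'];
        pagelinks($tid,$pages,$page,"topic");
        ?>
        <form action="topic/view/<?=$tid?>/page=<?=$page?>/pp=<?=$pp?>/order=asc" onsubmit="tp(<?=$tid?>,$('#jump').val(),<?=$config[$mode]['sidelinks']?>); return false;" id="pjump">
            <div>Jump to page <input type="text" value="<?=$page?>" name="page" id="jump" /> of <?=$pages?></div>
        </form>
    </div>
</div>
</body>
</html>
<?php
}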
?>